Vulnerabilities > CVE-2011-0836 - Unspecified vulnerability in Oracle products
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN oracle
exploit available
Summary
Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 GA through 8.98.4.1 and OneWorld Tools through 24.1.3 allows remote authenticated users to affect integrity, related to Web Runtime SEC.
Vulnerable Configurations
Exploit-Db
description Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC /jde/E1Menu_Menu.mafService e1.namespace Parameter XSS. CVE-2011-0836. Remote exploits for multipl... id EDB-ID:35639 last seen 2016-02-04 modified 2011-04-19 published 2011-04-19 reporter Juan Manuel Garcia source https://www.exploit-db.com/download/35639/ title Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC /jde/E1Menu_Menu.mafService e1.namespace Parameter XSS description Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC /jde/E1Menu.maf jdeowpBackButtonProtect Parameter XSS. CVE-2011-0836. Remote exploits for multiple... id EDB-ID:35638 last seen 2016-02-04 modified 2011-04-19 published 2011-04-19 reporter Juan Manuel Garcia source https://www.exploit-db.com/download/35638/ title Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC /jde/E1Menu.maf jdeowpBackButtonProtect Parameter XSS description Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC /jde/E1Menu_OCL.mafService e1.namespace Parameter XSS. CVE-2011-0836. Remote exploits for multiple... id EDB-ID:35640 last seen 2016-02-04 modified 2011-04-19 published 2011-04-19 reporter Juan Manuel Garcia source https://www.exploit-db.com/download/35640/ title Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC /jde/E1Menu_OCL.mafService e1.namespace Parameter XSS description Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC /jde/JASMafletMafBrowserClose.mafService jdemafjasLinkTarget Parameter XSS. CVE-2011-0836. Remote ... id EDB-ID:35642 last seen 2016-02-04 modified 2011-04-19 published 2011-04-19 reporter Juan Manuel Garcia source https://www.exploit-db.com/download/35642/ title Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC /jde/JASMafletMafBrowserClose.mafService jdemafjasLinkTarget Parameter XSS description Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC /jde/MafletClose.mafService RENDER_MAFLET Parameter XSS. CVE-2011-0836. Remote exploits for multip... id EDB-ID:35641 last seen 2016-02-04 modified 2011-04-19 published 2011-04-19 reporter Juan Manuel Garcia source https://www.exploit-db.com/download/35641/ title Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC /jde/MafletClose.mafService RENDER_MAFLET Parameter XSS
Packetstorm
| data source | https://packetstormsecurity.com/files/download/100649/cybsecoraclejd-xss.txt |
| id | PACKETSTORM:100649 |
| last seen | 2016-12-05 |
| published | 2011-04-21 |
| reporter | Juan Manuel Garcia |
| source | https://packetstormsecurity.com/files/100649/Oracle-JD-Edwards-EnterpriseOne-Cross-Site-Scripting.html |
| title | Oracle JD Edwards EnterpriseOne Cross Site Scripting |